Page 3 of 14 results (0.038 seconds)

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-3019 – Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest()

https://notcve.org/view.php?id=CVE-2023-3019

A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. • https://access.redhat.com/errata/RHSA-2024:0135 https://access.redhat.com/errata/RHSA-2024:0404 https://access.redhat.com/errata/RHSA-2024:0569 https://access.redhat.com/errata/RHSA-2024:2135 https://access.redhat.com/security/cve/CVE-2023-3019 https://bugzilla.redhat.com/show_bug.cgi?id=2222351 https://security.netapp.com/advisory/ntap-20230831-0005 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-3354 – Improper i/o watch removal in tls handshake can lead to remote unauthenticated denial of service

https://notcve.org/view.php?id=CVE-2023-3354

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service. • https://access.redhat.com/security/cve/CVE-2023-3354 https://bugzilla.redhat.com/show_bug.cgi?id=2216478 https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-0664

https://notcve.org/view.php?id=CVE-2023-0664

A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=2167423 https://gitlab.com/qemu-project/qemu/-/commit/07ce178a2b0768eb9e712bb5ad0cf6dc7fcf0158 https://gitlab.com/qemu-project/qemu/-/commit/88288c2a51faa7c795f053fc8b31b1c16ff804c5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEOC7SRJWLZSXCND2ADFW6C76ZMTZLE4 https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg01445 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •

CVSS: 6.0EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-0330 – Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow

https://notcve.org/view.php?id=CVE-2023-0330

A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. • https://access.redhat.com/security/cve/CVE-2023-0330 https://bugzilla.redhat.com/show_bug.cgi?id=2160151 https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •